Vulnerability Description
The web-based administrative interface for 3Com OfficeConnect Wireless 11g Access Point (AP) 1.00.08, and possibly earlier versions before 1.03.07A, allows remote attackers to bypass authentication and obtain sensitive information by directly accessing the (1) config.bin (2) profile.wlp?PN=ggg or (3) event.logs URLs.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| 3Com | 3Crwe454G72 | 1.0.2 |
References
- http://secunia.com/advisories/13942
- http://securitytracker.com/id?1012958
- http://www.idefense.com/application/poi/display?id=188&type=vulnerabilitiesVendor Advisory
- http://www.securityfocus.com/bid/12322PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18994
- http://secunia.com/advisories/13942
- http://securitytracker.com/id?1012958
- http://www.idefense.com/application/poi/display?id=188&type=vulnerabilitiesVendor Advisory
- http://www.securityfocus.com/bid/12322PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18994
FAQ
What is CVE-2005-0112?
CVE-2005-0112 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The web-based administrative interface for 3Com OfficeConnect Wireless 11g Access Point (AP) 1.00.08, and possibly earlier versions before 1.03.07A, allows remote attackers to bypass authentication an...
How severe is CVE-2005-0112?
CVE-2005-0112 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-0112?
Check the references section above for vendor advisories and patch information. Affected products include: 3Com 3Crwe454G72.